STEM OPT Principal Cybersecurity Engineer Jobs
Principal Cybersecurity Engineer roles in defense, cloud security, and financial infrastructure regularly hire STEM OPT candidates with degrees in computer science, information security, or a related CIP-coded field. Your 24-month STEM OPT extension applies here, provided your employer is enrolled in E-Verify and your I-983 training plan maps directly to your degree.
Find STEM OPT Principal Cybersecurity Engineer JobsOverview
Showing 5 of 7+ Principal Cybersecurity Engineer jobs
See all Principal Cybersecurity Engineer Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Principal Cybersecurity Engineer roles.
Get Access To All JobsSalary
$7,184.67 - $7,983.73 Monthly
Location
Cheyenne, WY
Job Type
Permanent Full-time
Remote Employment
Flexible/Hybrid
Job Number
2026-01508
Department
Wyoming Department of Enterprise Technology Services
Division
Enterprise Technology Services
Opening Date
06/08/2026
Closing Date
Continuous
FLSA
Determined by Position
Job Classification
CTMG11
GENERAL DESCRIPTION:
The Principal Cyber Security Engineer is the state's primary technical authority for advanced endpoint defense, Zero Trust Architecture (ZTA), overarching cybersecurity architecture, and the resolution of high-complexity security incidents across a unique hybrid ecosystem. This position functions as a senior technical specialist responsible for engineering the enterprise security stack to protect both a progressive Google cloud environment (Google Workspace, GCP) and a robust Windows enterprise infrastructure.
The role handles "hard" incidents requiring advanced forensics and malware analysis, developing bespoke Python scripts and API integrations to bridge the gap between Google Workspace/GCP telemetry, CrowdStrike Falcon, and Active Directory. This position ensures a unified, compliant defensive posture, enabling the state to neutralize sophisticated threats across diverse operating environments, and provides strategic architectural guidance for all state agencies. Working for the State of Wyoming offers more than a paycheck. Our total compensation package includes:
- Comprehensive health, dental, and vision insurance
- Paid vacation, sick leave, FMLA and holidays
- Retirement - Pension and 457B plans that help you build a secure future
- Flexible schedules and work-life balance options
- Meaningful work that makes a difference for Wyoming communities and MUCH MORE!
ESSENTIAL FUNCTIONS: The listed functions are illustrative only and are not intended to describe every function that may be performed at this job level.
- Architectural Leadership & CISO Advisory: Serves as the state’s lead security architect, defining overarching cybersecurity architecture across all domains, advising the CISO on emerging threats, evaluating enterprise-wide security investments, and setting state-wide technical standards.
- Endpoint & Zero Trust Engineering: Leads engineering for CrowdStrike Falcon and enterprise Zero Trust frameworks, architecting conditional access policies that securely bridge Google Environments with Active Directory.
- Infrastructure Optimization: Optimizes sensor and log ingestion across Windows servers, cloud-native workloads, and multi-cloud (GCP/Azure/AWS) environments to ensure 100% visibility.
- Tier 4 Incident Response: Serves as the final escalation point for the most complex security breaches, performing deep-dive forensics spanning memory analysis on obfuscated Windows malware to anomalous behavioral tracking within Google Workspace audit logs.
- Containment & Remediation: Reconstructs attack timelines, identifies persistence, and leads technical containment for state-level crises.
- Security Automation: Utilizes Python, PowerShell, and Bash to automate complex security workflows and builds custom API bridges utilizing Google Workspace Admin SDK, GCP Security Command Center, and CrowdStrike APIs to orchestrate automated response actions.
- Compliance-as-Code: Designs infrastructure security using IaC (Terraform/Ansible) to ensure all systems meet CJIS, IRS Pub 1075, and NIST 800-53 requirements by default.
- Infrastructure Hardening: Implements hardening baselines tailored for both cloud-native workloads and Windows systems based on emerging threat intelligence.
- Threat Modeling & Mentorship: Performs proactive threat modeling on new enterprise systems before deployment and provides technical mentorship to CSOC Analysts and junior engineers.
PREFERENCES:
Preference may be given to candidates with a proven track record of handling high-stakes breaches and managing enterprise-scale security platforms across hybrid Windows/Cloud environments.
Preference may be given to candidates with verifiable project history in custom security tooling and integration.
KNOWLEDGE:
- Mastery of general cybersecurity architecture, enterprise defense strategies, and unified threat management.
- Expert knowledge of the CrowdStrike Falcon platform, Real Time Response (RTR), sensor deployment, Windows kernel hardening, and Active Directory security.
- Deep expertise in securing Google Environments (Google Workspace, Google Cloud Platform (GCP) IAM, Security Command Center) and bridging cloud environments with Active Directory.
- Expert proficiency in Python and PowerShell for security automation and REST API interaction (especially Google Admin SDK and CrowdStrike APIs).
- Advanced knowledge of memory forensics, malware analysis, and cloud telemetry hunting via the MITRE ATT&CK framework.
- Working knowledge of applying CJIS, IRS Pub 1075, and NIST 800-53 controls to both cloud and local assets.
- Ability to translate complex technical risks into business terms for executive leadership.
MINIMUM QUALIFICATIONS:
Education:
Bachelor's Degree (typically in Computer Technology)
Experience:
1-3 years of progressive work experience (typically in Computer Technology)
OR
Education & Experience Substitution:
4-7 years of progressive work experience (typically in Computer Technology)
Certificates, Licenses, Registrations:
None
PHYSICAL WORKING CONDITIONS:
- Typically, the employee may sit comfortably to perform the work; however, there may be some walking, standing, bending, carrying light items, driving an automobile, etc.
- Special physical demands are not required to perform the work.
NOTES:
- FLSA: Nonexempt
- Successful applicants must pass a comprehensive fingerprint-based background check to comply with CJIS and IRS Pub 1075 access requirements.
- Must be available for 24/7 on-call rotation and immediate emergency response during state-level cyber incidents.
The State of Wyoming is an Equal Opportunity Employer and actively supports the ADA and reasonably accommodates qualified applicants with disabilities.
Class Specifications are subject to change, please refer to the A & I HRD Website to ensure that you have the most recent version.
Salary
$7,184.67 - $7,983.73 Monthly
Location
Cheyenne, WY
Job Type
Permanent Full-time
Remote Employment
Flexible/Hybrid
Job Number
2026-01508
Department
Wyoming Department of Enterprise Technology Services
Division
Enterprise Technology Services
Opening Date
06/08/2026
Closing Date
Continuous
FLSA
Determined by Position
Job Classification
CTMG11
GENERAL DESCRIPTION:
The Principal Cyber Security Engineer is the state's primary technical authority for advanced endpoint defense, Zero Trust Architecture (ZTA), overarching cybersecurity architecture, and the resolution of high-complexity security incidents across a unique hybrid ecosystem. This position functions as a senior technical specialist responsible for engineering the enterprise security stack to protect both a progressive Google cloud environment (Google Workspace, GCP) and a robust Windows enterprise infrastructure.
The role handles "hard" incidents requiring advanced forensics and malware analysis, developing bespoke Python scripts and API integrations to bridge the gap between Google Workspace/GCP telemetry, CrowdStrike Falcon, and Active Directory. This position ensures a unified, compliant defensive posture, enabling the state to neutralize sophisticated threats across diverse operating environments, and provides strategic architectural guidance for all state agencies. Working for the State of Wyoming offers more than a paycheck. Our total compensation package includes:
- Comprehensive health, dental, and vision insurance
- Paid vacation, sick leave, FMLA and holidays
- Retirement - Pension and 457B plans that help you build a secure future
- Flexible schedules and work-life balance options
- Meaningful work that makes a difference for Wyoming communities and MUCH MORE!
ESSENTIAL FUNCTIONS: The listed functions are illustrative only and are not intended to describe every function that may be performed at this job level.
- Architectural Leadership & CISO Advisory: Serves as the state’s lead security architect, defining overarching cybersecurity architecture across all domains, advising the CISO on emerging threats, evaluating enterprise-wide security investments, and setting state-wide technical standards.
- Endpoint & Zero Trust Engineering: Leads engineering for CrowdStrike Falcon and enterprise Zero Trust frameworks, architecting conditional access policies that securely bridge Google Environments with Active Directory.
- Infrastructure Optimization: Optimizes sensor and log ingestion across Windows servers, cloud-native workloads, and multi-cloud (GCP/Azure/AWS) environments to ensure 100% visibility.
- Tier 4 Incident Response: Serves as the final escalation point for the most complex security breaches, performing deep-dive forensics spanning memory analysis on obfuscated Windows malware to anomalous behavioral tracking within Google Workspace audit logs.
- Containment & Remediation: Reconstructs attack timelines, identifies persistence, and leads technical containment for state-level crises.
- Security Automation: Utilizes Python, PowerShell, and Bash to automate complex security workflows and builds custom API bridges utilizing Google Workspace Admin SDK, GCP Security Command Center, and CrowdStrike APIs to orchestrate automated response actions.
- Compliance-as-Code: Designs infrastructure security using IaC (Terraform/Ansible) to ensure all systems meet CJIS, IRS Pub 1075, and NIST 800-53 requirements by default.
- Infrastructure Hardening: Implements hardening baselines tailored for both cloud-native workloads and Windows systems based on emerging threat intelligence.
- Threat Modeling & Mentorship: Performs proactive threat modeling on new enterprise systems before deployment and provides technical mentorship to CSOC Analysts and junior engineers.
PREFERENCES:
Preference may be given to candidates with a proven track record of handling high-stakes breaches and managing enterprise-scale security platforms across hybrid Windows/Cloud environments.
Preference may be given to candidates with verifiable project history in custom security tooling and integration.
KNOWLEDGE:
- Mastery of general cybersecurity architecture, enterprise defense strategies, and unified threat management.
- Expert knowledge of the CrowdStrike Falcon platform, Real Time Response (RTR), sensor deployment, Windows kernel hardening, and Active Directory security.
- Deep expertise in securing Google Environments (Google Workspace, Google Cloud Platform (GCP) IAM, Security Command Center) and bridging cloud environments with Active Directory.
- Expert proficiency in Python and PowerShell for security automation and REST API interaction (especially Google Admin SDK and CrowdStrike APIs).
- Advanced knowledge of memory forensics, malware analysis, and cloud telemetry hunting via the MITRE ATT&CK framework.
- Working knowledge of applying CJIS, IRS Pub 1075, and NIST 800-53 controls to both cloud and local assets.
- Ability to translate complex technical risks into business terms for executive leadership.
MINIMUM QUALIFICATIONS:
Education:
Bachelor's Degree (typically in Computer Technology)
Experience:
1-3 years of progressive work experience (typically in Computer Technology)
OR
Education & Experience Substitution:
4-7 years of progressive work experience (typically in Computer Technology)
Certificates, Licenses, Registrations:
None
PHYSICAL WORKING CONDITIONS:
- Typically, the employee may sit comfortably to perform the work; however, there may be some walking, standing, bending, carrying light items, driving an automobile, etc.
- Special physical demands are not required to perform the work.
NOTES:
- FLSA: Nonexempt
- Successful applicants must pass a comprehensive fingerprint-based background check to comply with CJIS and IRS Pub 1075 access requirements.
- Must be available for 24/7 on-call rotation and immediate emergency response during state-level cyber incidents.
The State of Wyoming is an Equal Opportunity Employer and actively supports the ADA and reasonably accommodates qualified applicants with disabilities.
Class Specifications are subject to change, please refer to the A & I HRD Website to ensure that you have the most recent version.
See all STEM OPT Principal Cybersecurity Engineer Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new STEM OPT Principal Cybersecurity Engineer Jobs.
Get Access To All JobsTips for Finding STEM OPT Authorization as a Principal Cybersecurity Engineer
Verify your CIP code before applying
Confirm your degree's Classification of Instructional Programs code qualifies under the STEM OPT extension list maintained by DHS. Cybersecurity programs (CIP 11.1003) and computer science programs (CIP 11.0701) typically qualify, but network administration or general IT degrees may not.
Check E-Verify status before accepting offers
Your employer must be actively enrolled in E-Verify for your STEM OPT extension to be valid. Search the E-Verify employer database directly to confirm enrollment before you sign anything. Federal contractors are required to participate, making them reliable targets.
Build your I-983 training plan around security domains
Your I-983 must detail specific learning objectives tied to your STEM degree. For cybersecurity engineering roles, map training goals to NIST frameworks, threat modeling methodologies, or zero-trust architecture work you'll perform, not just your job title or team.
Target clearance-eligible roles with OPT timelines in mind
Many Principal Cybersecurity Engineer positions at defense contractors require security clearances that can take 12 to 18 months to process. Focus your search on roles where clearance is preferred but not required to start, giving you time to pursue H-1B visa sponsorship in parallel.
Use Migrate Mate to find employers with STEM OPT hiring history
Filter your job search on Migrate Mate to surface Principal Cybersecurity Engineer roles at employers with verified STEM OPT and E-Verify participation. This cuts the research time spent confirming employer eligibility before you apply.
File your STEM OPT extension application 90 days early
USCIS allows you to file the I-765 for your STEM OPT extension up to 90 days before your initial OPT expires. Submitting early protects your authorization if adjudication runs long, and your existing EAD remains valid while the extension is pending.
Frequently Asked Questions
Does a computer science or information security degree qualify for the STEM OPT extension for this role?
Yes, if your degree's CIP code appears on the DHS STEM Designated Degree Program List. Computer science (CIP 11.0701), computer and information systems security (CIP 11.1003), and related engineering fields typically qualify. Your DSO can confirm your specific CIP code. A general information technology or business technology degree may not qualify even if your job title is in cybersecurity.
Does my employer need to be enrolled in E-Verify for my STEM OPT extension to be valid?
Yes. E-Verify enrollment is a hard requirement for STEM OPT. Your employer must be actively enrolled before your extension begins, not just registered. You can confirm enrollment through the E-Verify employer search tool. Federal contractors and subcontractors are generally required to participate, which makes them more predictable targets for STEM OPT job seekers in cybersecurity.
What should my I-983 training plan include for a Principal Cybersecurity Engineer position?
Your I-983 must directly connect the work you'll perform to your STEM degree's learning objectives. For a Principal Cybersecurity Engineer role, this means specifying security architecture design, vulnerability assessment methodologies, incident response protocols, or compliance framework implementation you'll own. Generic descriptions like 'performs security work' are insufficient. USCIS expects a clear line from your degree field to your daily responsibilities.
How does cap-gap protection work if my H-1B is selected in the lottery while I'm on STEM OPT?
If your STEM OPT is still active when your H-1B petition is filed and selected in the lottery, cap-gap extends your work authorization through September 30 of the fiscal year your H-1B takes effect. You can continue working in your Principal Cybersecurity Engineer role without interruption. Your employer doesn't need to take additional action beyond ensuring the H-1B petition is timely filed before your OPT end date.
Where can I find Principal Cybersecurity Engineer jobs where employers already understand STEM OPT requirements?
Migrate Mate lists Principal Cybersecurity Engineer roles filtered for employers with STEM OPT and E-Verify eligibility, so you're not spending time vetting employer compliance manually. Employers in defense contracting, financial services, and enterprise cloud security are among the most consistent STEM OPT hirers in this role category, and Migrate Mate surfaces those postings with the relevant authorization details already verified.